Scheduling Patch Scans

When you initiate a patch operation from a machine group, from a favorite, or from Machine View, the Agentless Operation dialog is displayed. This dialog enables you to specify if the operation should run now or be scheduled for a future time or date. You can also specify if you want to automatically stage and deploy any missing patches detected by the scan.

Make sure you assign credentials for all machines involved in the scheduled scan.



1. Name this operation

Enables you to provide a unique name for the operation. By default the name of the machine group or favorite used to initiate the operation will be used. The name is displayed in several locations: Scheduled Task Manager, Operations Monitor, the Results pane and the Scan View scan summary.

2. Select/confirm targets

This list is a reminder of the machine group(s) that will be affected by the operation. If the wrong group is listed, click Cancel and re-initiate the operation using the correct group.

Select a patch scan template

Select the template you want to use when performing the patch scan (Security Patch Scan, All Patches, or a custom patch scan template).

Select schedule

There are three scheduling options:

  • Now runs the operation as soon as the Scan now or Run button is clicked.
  • Once indicates that the operation will be run once at the day and time selected.
  • Recurring allows an administrator to regularly schedule operations at a specific time and using a specified recurrence pattern. For example, using this option, an operation could be run every night at midnight, every Saturday at 9 PM, every weekday at 11 PM, or at any other user-selected time and interval. In addition to monthly and daily intervals, a minute-based interval may also be available.

You can also use the Recurring option to schedule an operation in conjunction with a regular monthly event such as Microsoft's Patch Tuesday. For example, you might schedule a monthly patch scan to occur the day after Patch Tuesday by specifying The Second Tuesday and then using the Add delay (days) option to delay the operation by one day.

Stage deployment package

This area enables you to choose if you want to automatically stage a deployment package following the scan.

  • If you only want to perform a scan, choose Do not stage (scan only).
  • If you want to automatically stage a deployment package for any patches that are detected as missing by the scan, choose either Immediately after the scan or Schedule at. The staging process includes creating the deployment package and copying the package to the target machine.
  • For information on automatically staging and executing patch deployments, see Automatically Deploying Patches.

Execute deployment package

This area enables you to specify if and when a deployment package should be executed on a target machine. This area is not available if Do not stage (scan only) is selected. For more information, see Automatically Deploying Patches.

When the desired options are selected, click Scan now or Run (if Now is selected) or Schedule (if Once or Recurring is selected).

  • Scan now/Run: The operation is initiated immediately and the Operations Monitor is displayed.
  • Schedule: The scan operation is scheduled on the console machine. See Monitoring a Scheduled Patch Scan for details.
  • If scheduled credentials are not currently assigned the Scheduled Console Scans/Operations Credential dialog is displayed. You must assign a shared credential to perform a schedule action. You can use the Set scheduler credential button on the Scheduled Console Tasks dialog to view and modify which credential is being used as the scheduler credential.

    The scheduled credentials are only used to schedule the operation on the console machine. The scheduled credentials are (typically) different from the machine-level credentials that are used to perform the actual operations on the target machines.